krb5.git/src/lib/gssapi/spnego, branch keyring MIT Kerberos patches Add GSSAPI IOV MIC functions 2013-09-18T22:22:16+00:00 Greg Hudson ghudson@mit.edu 2013-09-08T01:13:48+00:00 d750ef3130b76dd079e863ed395eb3620a37386b Add gss_get_mic_iov, gss_get_mic_iov_length, and gss_verify_mic_iov functions, which work similarly to the corresponding IOV wrap functions. Add a new buffer type GSS_IOV_BUFFER_TYPE_MIC_TOKEN for the destination buffer. Most of the internal code for this was already present, and just needed to be fixed up and adjusted to use the new buffer type for the MIC token. ticket: 7705 (new) 
Add gss_get_mic_iov, gss_get_mic_iov_length, and gss_verify_mic_iov
functions, which work similarly to the corresponding IOV wrap
functions.  Add a new buffer type GSS_IOV_BUFFER_TYPE_MIC_TOKEN for
the destination buffer.

Most of the internal code for this was already present, and just
needed to be fixed up and adjusted to use the new buffer type for the
MIC token.

ticket: 7705 (new)
Fix various warnings 2013-06-07T19:19:37+00:00 Greg Hudson ghudson@mit.edu 2013-06-07T19:17:31+00:00 e51c089b745161dd6e1d64998e99d065fc22377e 






Reduce boilerplate in makefiles
2013-05-17T00:09:27+00:00

Greg Hudson
ghudson@mit.edu

2013-05-16T18:21:12+00:00

4b0985f8573840838bcfa8ec1df3dcd39a3dbf15

Provide default values in pre.in for PROG_LIBPATH, PROG_RPATH,
SHLIB_DIRS, SHLIB_RDIRS, and STOBJLISTS so that they don't have to be
specified in the common case.  Rename KRB5_RUN_ENV and KRB5_RUN_VARS
to RUN_SETUP (already the most commonly used name) and RUN_VARS.  Make
sure to use DEFINES for local defines (not DEFS).  Remove some other
unnecessary makefile content.





Provide default values in pre.in for PROG_LIBPATH, PROG_RPATH,
SHLIB_DIRS, SHLIB_RDIRS, and STOBJLISTS so that they don't have to be
specified in the common case.  Rename KRB5_RUN_ENV and KRB5_RUN_VARS
to RUN_SETUP (already the most commonly used name) and RUN_VARS.  Make
sure to use DEFINES for local defines (not DEFS).  Remove some other
unnecessary makefile content.







Fix mismatched spnego_mech.c declarations
2013-05-03T17:09:08+00:00

Greg Hudson
ghudson@mit.edu

2013-05-03T17:09:08+00:00

8c4db8f776c65b50fe3af82fd62a67022dd9a6d5

The mechglue definitions of gssint_get_der_length and friends use
unsigned int for the buffer length, not OM_uint32.





The mechglue definitions of gssint_get_der_length and friends use
unsigned int for the buffer length, not OM_uint32.







make depend
2013-03-24T05:30:33+00:00

Greg Hudson
ghudson@mit.edu

2013-03-24T05:30:33+00:00

24c8bacbccc854dc30fd6baee49cdd2bf2557e47












make depend
2013-01-10T17:46:26+00:00

Greg Hudson
ghudson@mit.edu

2013-01-10T17:46:26+00:00

2807e8e1e1dc89b3d482de7c73d13d19187fdb38

Mostly this gets rid of the trailing space on line 2 after
bb76891f5386526bdf91bc790c614fc9296cb5fa.





Mostly this gets rid of the trailing space on line 2 after
bb76891f5386526bdf91bc790c614fc9296cb5fa.







Separate clpreauth and kdcpreauth interfaces
2012-12-19T19:24:21+00:00

Greg Hudson
ghudson@mit.edu

2012-10-21T23:37:14+00:00

f0794cba6a406fc834434eb6dc794bf29eda4a13

Since there is no overlap between the clpreauth and kdcpreauth
interface declarations, there's no particular reason to combine them
into one header.  For backward compatibility and convenience, leave
behind a preauth_plugin.h which includes both.





Since there is no overlap between the clpreauth and kdcpreauth
interface declarations, there's no particular reason to combine them
into one header.  For backward compatibility and convenience, leave
behind a preauth_plugin.h which includes both.







Fix various integer issues
2012-12-10T19:21:36+00:00

Greg Hudson
ghudson@mit.edu

2012-12-10T19:18:30+00:00

d3c5450ddf0b20855e86dab41735d56c6860156b

In kdc_util.c and spnego_mech.c, error returns from ASN.1 length
functions could be ignored because they were assigned to unsigned
values.  In spnego_mech.c, two buffer size checks could be rewritten
to reduce the likelihood of pointer overflow.  In dump.c and
kdc_preauth.c, calloc() could be used to simplify the code and avoid
multiplication overflow.  In pkinit_clnt.c, the wrong value was
checked for a null result from malloc(), and the code could be
simplified.

Reported by Nickolai Zeldovich <nickolai@csail.mit.edu>.

ticket: 7488





In kdc_util.c and spnego_mech.c, error returns from ASN.1 length
functions could be ignored because they were assigned to unsigned
values.  In spnego_mech.c, two buffer size checks could be rewritten
to reduce the likelihood of pointer overflow.  In dump.c and
kdc_preauth.c, calloc() could be used to simplify the code and avoid
multiplication overflow.  In pkinit_clnt.c, the wrong value was
checked for a null result from malloc(), and the code could be
simplified.

Reported by Nickolai Zeldovich <nickolai@csail.mit.edu>.

ticket: 7488







Add SPNEGO support for GSS cred export and import
2012-09-11T05:15:43+00:00

Greg Hudson
ghudson@mit.edu

2012-08-29T15:57:26+00:00

9c1a6246f1f6f4904e66f9f9eefbdc59e5c8b69f

ticket: 7354





ticket: 7354







Use gssalloc in more parts of GSSAPI
2012-08-11T04:28:33+00:00

Greg Hudson
ghudson@mit.edu

2012-08-11T04:13:05+00:00

b0edf38aafe3a365821cae4874e4608f95e28896

Fix some GSSAPI buffer allocations which were missed in
800358b1790ef82710af0b6021c6ff2dca2b0de7: gss_export_sec_context,
gss_display_name, and IAKERB and SPNEGO token construction.

ticket: 7233 (new)
tags: pullup





Fix some GSSAPI buffer allocations which were missed in
800358b1790ef82710af0b6021c6ff2dca2b0de7: gss_export_sec_context,
gss_display_name, and IAKERB and SPNEGO token construction.

ticket: 7233 (new)
tags: pullup